Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/8a684b-0375-40e5-b726-ce7985b56093/1/tvfgUvtcFUvHCqRkTLoiggshnsg.roa
File: tvfgUvtcFUvHCqRkTLoiggshnsg.roa (raw, json)
Hash identifier: CVcf/QqkE4iTDeLHjhmSd+wFRY4VP2GWULVl2K/QuqY=
Subject key identifier: B6:F7:E0:52:FB:5C:15:4B:C7:0A:A4:64:4C:BA:22:82:0B:21:9E:C8
Certificate issuer: /CN=0d814a5f08fb47711d7160b027f996dfb612f045
Certificate serial: 018CC56EDF7C9804EB0078B8AD36275F5474
Authority key identifier: 0D:81:4A:5F:08:FB:47:71:1D:71:60:B0:27:F9:96:DF:B6:12:F0:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DYFKXwj7R3EdcWCwJ_mW37YS8EU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/8a684b-0375-40e5-b726-ce7985b56093/1/tvfgUvtcFUvHCqRkTLoiggshnsg.roa
Signing time: Mon 01 Jan 2024 14:30:26 +0000
ROA not before: Mon 01 Jan 2024 14:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35132
IP address blocks: 178.249.120.0/21 maxlen: 21
185.243.176.0/22 maxlen: 22
217.149.112.0/20 maxlen: 20
185.186.132.0/22 maxlen: 22
109.122.48.0/21 maxlen: 21
62.50.160.0/19 maxlen: 19
185.141.156.0/22 maxlen: 22
185.214.16.0/22 maxlen: 22
37.32.48.0/21 maxlen: 21
89.20.224.0/19 maxlen: 19
93.89.32.0/20 maxlen: 20
185.197.220.0/22 maxlen: 22
109.235.100.0/22 maxlen: 22
95.111.160.0/19 maxlen: 19
188.119.80.0/22 maxlen: 22
2a02:1660::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/8a684b-0375-40e5-b726-ce7985b56093/1/DYFKXwj7R3EdcWCwJ_mW37YS8EU.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/8a684b-0375-40e5-b726-ce7985b56093/1/DYFKXwj7R3EdcWCwJ_mW37YS8EU.mft
rsync://rpki.ripe.net/repository/DEFAULT/DYFKXwj7R3EdcWCwJ_mW37YS8EU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:df:7c:98:04:eb:00:78:b8:ad:36:27:5f:54:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d814a5f08fb47711d7160b027f996dfb612f045
Validity
Not Before: Jan 1 14:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6f7e052fb5c154bc70aa4644cba22820b219ec8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c3:52:a3:60:5a:79:13:e6:b2:f8:bd:1a:8c:
39:8b:ab:5e:c6:7e:92:be:bb:68:e3:89:3a:ff:33:
8a:47:5c:7a:b3:cb:ac:16:96:20:d1:c0:39:35:54:
ba:de:da:5a:bc:8c:58:bb:49:65:0b:9e:89:36:0c:
8e:cd:bd:9a:1e:b7:82:b6:c3:2f:91:14:91:3c:fd:
d0:36:5c:ab:4c:05:b4:d8:a4:e0:5c:c5:6b:21:09:
33:b7:e0:f5:14:14:17:79:47:eb:4a:8d:58:83:79:
70:e5:75:37:fc:65:d9:76:51:ea:d4:21:85:d8:91:
ea:50:67:57:a7:35:c5:19:23:0f:57:ae:a2:42:a0:
ca:c4:d9:d3:14:fa:3b:23:f8:47:b8:35:af:91:dc:
f5:9f:c6:20:9f:d8:75:6a:d7:cd:aa:72:84:2c:a7:
20:76:bb:c7:c6:9f:23:34:e5:bb:a1:7c:14:b2:68:
6c:1a:e2:b5:2f:11:15:86:56:df:f7:e1:57:b9:82:
9f:cf:f9:96:3a:c1:8c:d9:28:74:36:6d:0b:a7:ba:
21:57:12:a5:9d:ef:63:68:48:95:6b:11:02:31:ad:
2f:dd:d7:a3:e8:70:2a:81:6c:28:2a:89:0d:8d:ad:
ab:4e:ef:d0:7a:17:cb:53:b1:89:31:8e:f0:90:48:
67:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:F7:E0:52:FB:5C:15:4B:C7:0A:A4:64:4C:BA:22:82:0B:21:9E:C8
X509v3 Authority Key Identifier:
keyid:0D:81:4A:5F:08:FB:47:71:1D:71:60:B0:27:F9:96:DF:B6:12:F0:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DYFKXwj7R3EdcWCwJ_mW37YS8EU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8a684b-0375-40e5-b726-ce7985b56093/1/tvfgUvtcFUvHCqRkTLoiggshnsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8a684b-0375-40e5-b726-ce7985b56093/1/DYFKXwj7R3EdcWCwJ_mW37YS8EU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.48.0/21
62.50.160.0/19
89.20.224.0/19
93.89.32.0/20
95.111.160.0/19
109.122.48.0/21
109.235.100.0/22
178.249.120.0/21
185.141.156.0/22
185.186.132.0/22
185.197.220.0/22
185.214.16.0/22
185.243.176.0/22
188.119.80.0/22
217.149.112.0/20
IPv6:
2a02:1660::/32
Signature Algorithm: sha256WithRSAEncryption
7e:86:d8:50:81:4b:d6:9a:d0:29:f0:5c:cd:1e:f5:e8:41:70:
98:57:9e:85:1c:f7:a8:ca:ff:7d:c3:30:d1:1a:97:d8:4a:26:
8c:05:66:28:fe:a1:0b:d8:80:57:f1:31:ab:3e:24:c3:c1:7d:
fe:24:5e:c1:2e:52:c5:ea:70:12:4a:3e:ca:58:fb:d0:ad:72:
80:1b:e9:d7:bf:39:ff:32:c2:bf:7f:32:4f:03:13:4a:c2:a2:
a4:f5:e9:23:0c:9f:d9:e4:89:0e:6e:fb:62:8a:5a:68:7f:d3:
26:03:0d:da:d0:96:ea:ab:a4:82:74:b6:7e:b2:46:85:74:2b:
c5:95:ed:24:e8:0d:cb:d6:4a:04:e9:b6:de:d7:04:0f:28:b4:
60:d3:3c:23:c2:c8:d5:7a:8b:84:11:7d:db:7c:f0:64:62:60:
c7:dd:b4:70:f4:28:ca:7b:8a:fc:0d:88:a7:8f:ee:ca:eb:47:
88:41:3f:24:fe:9e:bf:e7:bd:d0:de:04:2a:10:18:1b:45:e9:
85:04:31:1f:84:14:e4:37:c7:61:42:5e:d9:fd:64:e6:4e:2b:
50:b7:8d:03:4f:4d:54:5c:02:45:98:34:4e:30:07:00:3d:b4:
0a:e6:41:72:ab:74:ef:f9:14:d8:0f:c2:c5:42:67:8b:c7:a5:
df:17:85:3e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYzFbt98mATrAHi4rTYnX1R0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkODE0YTVmMDhmYjQ3NzExZDcxNjBiMDI3Zjk5NmRmYjYx
MmYwNDUwHhcNMjQwMTAxMTQzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmY3ZTA1MmZiNWMxNTRiYzcwYWE0NjQ0Y2JhMjI4MjBiMjE5ZWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMNSo2BaeRPmsvi9Gow5i6texn6S
vrto44k6/zOKR1x6s8usFpYg0cA5NVS63tpavIxYu0llC56JNgyOzb2aHreCtsMv
kRSRPP3QNlyrTAW02KTgXMVrIQkzt+D1FBQXeUfrSo1Yg3lw5XU3/GXZdlHq1CGF
2JHqUGdXpzXFGSMPV66iQqDKxNnTFPo7I/hHuDWvkdz1n8Ygn9h1atfNqnKELKcg
drvHxp8jNOW7oXwUsmhsGuK1LxEVhlbf9+FXuYKfz/mWOsGM2Sh0Nm0Lp7ohVxKl
ne9jaEiVaxECMa0v3dej6HAqgWwoKokNja2rTu/QehfLU7GJMY7wkEhnNwIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFLb34FL7XBVLxwqkZEy6IoILIZ7IMB8GA1UdIwQY
MBaAFA2BSl8I+0dxHXFgsCf5lt+2EvBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFlGS1h3ajdSM0VkY1dDd0pfbVczN1lTOEVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC84YTY4NGItMDM3NS00MGU1LWI3MjYt
Y2U3OTg1YjU2MDkzLzEvdHZmZ1V2dGNGVXZIQ3FSa1RMb2lnZ3NobnNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC84YTY4NGItMDM3NS00MGU1LWI3MjYtY2U3OTg1YjU2MDkz
LzEvRFlGS1h3ajdSM0VkY1dDd0pfbVczN1lTOEVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEAyUgMAME
BT4yoAMEBVkU4AMEBF1ZIAMEBV9voAMEA216MAMEAm3rZAMEA7L5eAMEArmNnAME
Arm6hAMEArnF3AMEArnWEAMEArnzsAMEArx3UAMEBNmVcDANBAIAAjAHAwUAKgIW
YDANBgkqhkiG9w0BAQsFAAOCAQEAfobYUIFL1prQKfBczR716EFwmFeehRz3qMr/
fcMw0RqX2EomjAVmKP6hC9iAV/Exqz4kw8F9/iRewS5SxepwEko+ylj70K1ygBvp
1785/zLCv38yTwMTSsKipPXpIwyf2eSJDm77YopaaH/TJgMN2tCW6qukgnS2frJG
hXQrxZXtJOgNy9ZKBOm23tcEDyi0YNM8I8LI1XqLhBF923zwZGJgx920cPQoynuK
/A2Ip4/uyutHiEE/JP6ev+e90N4EKhAYG0XphQQxH4QU5DfHYUJe2f1k5k4rULeN
A09NVFwCRZg0TjAHAD20CuZBcqt07/kU2A/CxUJni8el3xeFPg==
-----END CERTIFICATE-----
Generated at Wed Jun 26 07:10:16 2024 by rpki-client on console-fra.rpki-client.org